Had an example recently of the long-term support obligations that come with developing certain sorts of products.
One of the older-model slightly-smart toasters came back for repairs.
The tech doing failure analysis noted that the controller didn't respond to the observed fault in the way he expected.
This involved the Totally Stable Firmware that everyone had signed off on just about 2 years ago, after extensive testing.
And so, after much testing, he reported the issue to me, and I couldn't see what the failure path was, and he clarified the situation, and then it just jumped out at me: yes, if either of two related special-case hardware failures is detected at a particular time, the handling is incorrect (one important line of code being skipped), potentially leading to another, more expensive, failure some time afterward.
And, after a couple of go-rounds, Management decided that, in the current situation, the trouble of implementing and qualifying the fix for a rare failure mode isn't justified.
Thus, my notes for that version of the Ancient Firmware are augmented with documentation of the problem for future reference, and next time someone orders a batch of that model, we'll make the change and run through the qualification process. Which, maybe, could even be this year or next. Or a couple of years off.
If the next order is more'n a couple of years out, the MCU may be EOL - that controller board is a 2006 design - and we could end up having to build a B model using a newer controller. Which, really, could be less of a headache: the new controllers were designed for flexibility, based on experience with the toaster at hand and a few other models that use the old board, and the firmware (fairly) easily adapts to new specifics.